Your Fourth Amendment Rights Should Not be Limited by Terms of Service

Your Fourth Amendment Rights Should Not be Limited by Terms of Service

Last week, we filed an amicus brief in U.S. v. Wilson, a federal appellate case, in which we argued that email providers’ terms of service can’t limit your Fourth Amendment rights. This is the second brief we’ve filed in less than a year addressing this important point.

Email and other electronic communications can contain highly personal, intimate details of our lives. As one court noted, through emails, “[l]overs exchange sweet nothings, and businessmen swap ambitious plans, all with the click of a mouse button.” In an age where almost all of us now communicate via email, text, or some other messaging service, electronic communications are effectively no different from letters, which the Supreme Court held were protected by the Fourth Amendment way back in 1878.

At this point, almost all courts that have squarely addressed the issue have held the Fourth Amendment protects electronic communications from warrantless searches—even if you store your email with a third party service provider. And last summer, all nine justices on the Supreme Court agreed with this premise in United States v. Carpenter. However, in Wilson, the district court added a new wrinkle. It reasoned that the Fourth Amendment no longer applies once an email user violates a provider’s terms of service (TOS).

Background on the Case

It may seem difficult to conceive how an agreement with your email provider to deliver and store your emails could eviscerate your Fourth Amendment rights. But that’s what the district court decided in Wilson.

Google shut down Wilson’s email account after its automated anti-child pornography filters were triggered by four images attached to one of his emails. Following federal law, Google sent the images and information about Wilson’s account to the National Center for Missing and Exploited Children (NCMEC), which led to Wilson’s indictment on child pornography charges. When Wilson challenged the search, the district court opined that Google’s TOS—which notified Wilson that it could monitor his email and terminate his account for illegal conduct—nullified his Fourth Amendment rights once he sent the illegal images. Wilson appealed this order to the U.S. Court of Appeals for the Ninth Circuit.

The district court didn’t base its ultimate decision on its TOS analysis. Instead, it held that because Google had already “searched” Wilson’s email before it turned the images over to NCMEC, any follow-on government searches that didn’t expand on Google’s initial search were exempt from Fourth Amendment protection (under the “private search doctrine”).

However, we couldn’t let the district court’s dangerous analysis remain unchallenged, so we filed a brief in the Ninth Circuit to educate the appellate court about the perils of its approach to analyzing TOS agreements.

The District Court’s Logic Doesn’t Make Sense

The district court’s analysis is simply wrong. Under its logic, your Fourth Amendment rights rise or fall based on unilateral contracts with your service providers—contracts that all of us must agree to so that we can use services that are a necessary part of daily life, but contracts that almost none of us even read. As we argued in our brief, a company’s TOS should not dictate your constitutional rights, because terms of service are rules about the relationship between you and your email provider—not you and the government.

Companies draft terms of service to govern how their platforms may be used. Companies’ TOS control what kind of content you can post, how you can use the platform, and how platforms can protect themselves against fraud.

The terms of these contracts are extremely broad. Actions that could cause a provider to terminate your account for TOS violations include not just criminal activity, such as distributing child pornography, but also—as defined solely by the provider—actions like sending an email containing a racial epithet, sharing a news article with your team at work without permission from the copyright holder, or marketing your small business to all of your friends without their advance consent. While some might find activities such as these objectionable or annoying, they shouldn’t justify the government ignoring your Fourth Amendment right to privacy over your emails.

Given the vast amount of storage many email providers offer, most of us now hold onto email for years. Accounts can hold tens of thousands of private, personal messages, photos, and videos—each of which could reveal intimate details about our private and professional lives. And, given the convenience offered by commercial third party email providers, very few of us take the trouble to set up a private server to send, receive, and maintain these emails. This means the only way most of us can use email at all is by agreeing to these third party providers’ terms of service.

Last summer, all nine justices on the Supreme Court agreed that even if we store electronic communications with a third party provider, we still have Fourth Amendment-protected privacy interests in those communications. These constitutional rights would be meaningless, however, if they could be ignored simply because a user agreed to a company’s TOS, and then somehow violated that TOS.

The trial court’s ruling in Wilson allows private agreements to trump bedrock Fourth Amendment protections for private communications. The ruling affects far more than child pornography cases: anyone whose account was shut down for any violation of a TOS could lose Fourth Amendment protections over all the emails in their account.

The Ninth Circuit should reject such a sweeping invalidation of constitutional rights. We look forward to the court’s eventual decision, and will continue in the meantime to defend the important Carpenter decision, while working to extend its core holding to other contexts.

Related Updates

Last week, Facebook started sending a small portion of its users a new notification about its face surveillance program, which concludes with two important buttons: “keep off” and “turn on.” This is a step in the right direction: for these users, the default will be no face surveillance...

The California Senate listened to the many voices expressing concern about the use of face surveillance on cameras worn or carried by police officers, and has passed an important bill that will, for three years, prohibit police from turning a tool intended to foster police accountability into one that furthers...

EFF continues our fight to have the U.S. courts protect you from mass government surveillance. Today in our landmark Jewel v. NSA case, we filed our opening brief in the Ninth Circuit Court of Appeals, asserting that the courts don’t have to turn a blind eye to the...

If you open Facebook’s mobile app today, it will likely suggest that you try the company’s new Dating service, which just launched in the U.S. after a rollout in 19 other countries last year. But with the company’s track record of mishandling user data, and its business model of monetizing...

Yesterday Facebook announced it was changing its settings for face recognition, which it has used since 2010 to match known faces in user profile pictures and other photos to unknown faces in newly uploaded photos. This leads to two questions: What exactly has Facebook changed? How many Facebook users...

Hundreds of thousands of Californians last year demanded that big technology companies respect their privacy rights, and supported a movement that led to the California Consumer Privacy Act. The law will go into effect on January 1, 2020. Big technology companies fought hard against the CCPA and have been leaning...

Media outlets reported this week that an international student at Harvard University was deported back to Lebanon after border agents in Boston searched his electronic devices and confronted him about his friends’ social media posts. These allegations raise serious concerns about whether the government is following its own policies regarding...

More than 400 police departments across the country have partnered with Ring, tech giant Amazon’s “smart” doorbell program, to create a troubling new video surveillance system. Ring films and records any interaction or movement happening at the user’s front door, and alerts users’ phones. These partnerships expand the web...

EFF is teaming up with the Mozilla Foundation to tell Venmo to clean up its privacy act. In a public letter sent to President/CEO Dan Schulman and COO Bill Ready today, we are telling Venmo to make transactions private by default and let users hide their friend lists. Both ...

San Francisco – The Electronic Frontier Foundation (EFF) and Mozilla have teamed up in an open letter to Venmo, telling the popular payment app to clean up its privacy settings, which leaves sensitive financial data exposed to the public. Venmo is marketed as a way for friends to send...